Merge branch 'master' of github.com:lynndylanhurley/devise_token_auth
lynndylanhurley committed Oct 25, 2015
2 parents 2b8f2af + 8a7ee78 commit ce5ed42
Showing 6 changed files with 17 additions and 19 deletions.
8 changes: 4 additions & 4 deletions README.md
Expand Up @@ -135,16 +135,16 @@ The following routes are available for use by your client. These routes live rel

| path | method | purpose |
|:-----|:-------|:--------|
| / | POST | Email registration. Accepts **`email`**, **`password`**, and **`password_confirmation`** params. A verification email will be sent to the email address provided. Accepted params can be customized using the [`devise_parameter_sanitizer`](https://github.com/plataformatec/devise#strong-parameters) system. |
| / | POST | Email registration. Requires **`email`**, **`password`**, and **`password_confirmation`** params. A verification email will be sent to the email address provided. Accepted params can be customized using the [`devise_parameter_sanitizer`](https://github.com/plataformatec/devise#strong-parameters) system. |
| / | DELETE | Account deletion. This route will destroy users identified by their **`uid`** and **`auth_token`** headers. |
| / | PUT | Account updates. This route will update an existing user's account settings. The default accepted params are **`password`** and **`password_confirmation`**, but this can be customized using the [`devise_parameter_sanitizer`](https://github.com/plataformatec/devise#strong-parameters) system. If **`config.check_current_password_before_update`** is set to `:attributes` the **`current_password`** param is checked before any update, if it is set to `:password` the **`current_password`** param is checked only if the request updates user password. |
| /sign_in | POST | Email authentication. Accepts **`email`** and **`password`** as params. This route will return a JSON representation of the `User` model on successful login. |
| /sign_in | POST | Email authentication. Requires **`email`** and **`password`** as params. This route will return a JSON representation of the `User` model on successful login along with the `access-token` and `client` in the header of the response. |
| /sign_out | DELETE | Use this route to end the user's current session. This route will invalidate the user's authentication token. |
| /:provider | GET | Set this route as the destination for client authentication. Ideally this will happen in an external window or popup. [Read more](#omniauth-authentication). |
| /:provider/callback | GET/POST | Destination for the oauth2 provider's callback uri. `postMessage` events containing the authenticated user's data will be sent back to the main client window from this page. [Read more](#omniauth-authentication). |
| /validate_token | GET | Use this route to validate tokens on return visits to the client. Accepts **`uid`** and **`access-token`** as params. These values should correspond to the columns in your `User` table of the same names. |
| /validate_token | GET | Use this route to validate tokens on return visits to the client. Requires **`uid`**, **`client`**, and **`access-token`** as params. These values should correspond to the columns in your `User` table of the same names. |
| /password | POST | Use this route to send a password reset confirmation email to users that registered by email. Accepts **`email`** and **`redirect_url`** as params. The user matching the `email` param will be sent instructions on how to reset their password. `redirect_url` is the url to which the user will be redirected after visiting the link contained in the email. |
| /password | PUT | Use this route to change users' passwords. Accepts **`password`** and **`password_confirmation`** as params. This route is only valid for users that registered by email (OAuth2 users will receive an error). It also checks **`current_password`** if **`config.check_current_password_before_update`** is not set `false` (disabled by default). |
| /password | PUT | Use this route to change users' passwords. Requires **`password`** and **`password_confirmation`** as params. This route is only valid for users that registered by email (OAuth2 users will receive an error). It also checks **`current_password`** if **`config.check_current_password_before_update`** is not set `false` (disabled by default). |
| /password/edit | GET | Verify user by password reset token. This route is the destination URL for password reset confirmation. This route must contain **`reset_password_token`** and **`redirect_url`** params. These values will be set automatically by the confirmation email that is generated by the password reset request. |

[Jump here](#usage-cont) for more usage information.
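Review bot: In the route table, the `/validate_token` row now requires `uid`, `client` and `access-token`, but the `DELETE /` row still identifies users by `uid` and `auth_token` headers, and the `/password` POST row still says "Accepts" where the other rows were changed to "Requires". Suggest using one token name throughout, stating for each authenticated route whether `client` is needed, and checking that "These values should correspond to the columns in your `User` table of the same names" still holds now that `client` is in the list. The `/sign_in` row says the tokens come back in response headers while `/validate_token` describes them "as params"; say explicitly where clients should send them.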
8 changes: 1 addition & 7 deletions app/controllers/devise_token_auth/passwords_controller.rb
Expand Up @@ -103,7 +103,7 @@ def edit
config: params[:config]
}))
else
render_edit_error
raise ActionController::RoutingError.new('Not Found')
end
end
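Review bot: In `edit`, the `else` branch now raises `ActionController::RoutingError` instead of calling `render_edit_error`, so an invalid `reset_password_token` no longer produces the JSON body `success: false` with status 404, while the other `render_*_error` paths in this controller still render JSON. What the client receives now depends on the host application's exception handling, which for an API consumer can mean an HTML error page or, where errors are shown verbosely, a stack trace. If the intent is a browser-friendly 404 for the emailed link, please document that in the README row for `/password/edit`; otherwise keep a rendered 404 so the failure mode for a bad reset token stays uniform and under this gem's control.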

Expand Down Expand Up @@ -179,12 +179,6 @@ def render_create_error
}, status: @error_status
end

def render_edit_error
render json: {
success: false
}, status: 404
end

def render_update_error_unauthorized
render json: {
success: false,
2 changes: 1 addition & 1 deletion app/models/devise_token_auth/concerns/user.rb
Expand Up @@ -233,7 +233,7 @@ def token_validation_response
# only validate unique email among users that registered by email
def unique_email_user
if provider == 'email' and self.class.where(provider: 'email', email: email).count > 0
errors.add(:email, :already_in_use, default: "address is already in use")
errors.add(:email, :already_in_use)
end
end
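Review bot: In `unique_email_user`, removing `default: "address is already in use"` from `errors.add(:email, :already_in_use)` makes the message depend entirely on an `already_in_use` translation being found. This commit adds the key for `en` and `es` only, and under different parent keys (`message:` in en.yml, `messages:` in es.yml), so any locale where the lookup fails will show a missing-translation string to the user. Suggest keeping the `default:` as a fallback. As a style point, `.count > 0` can be `.exists?`.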

4 changes: 3 additions & 1 deletion config/locales/en.yml
Expand Up @@ -27,4 +27,6 @@ en:
errors:
validate_sign_up_params: "Please submit proper sign up data in request body."
validate_account_update_params: "Please submit proper account update data in request body."
not_email: "is not an email"
not_email: "is not an email"
message:
already_in_use: already in use
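Review bot: The new parent key here is `message:` while es.yml in the same commit uses `messages:`. Rails resolves symbol error messages such as `:already_in_use` under `errors.messages` (or the model and attribute scopes), so a singular `message` key will not be found; please rename it to `messages:` and confirm its nesting, which this view does not show. The English text also changes from "address is already in use" to "already in use", so check that it still reads correctly when prefixed with the attribute name.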
4 changes: 3 additions & 1 deletion config/locales/es.yml
Expand Up @@ -27,4 +27,6 @@ es:
errors:
validate_sign_up_params: "Los datos introducidos en la solicitud de acceso no son válidos."
validate_account_update_params: "Los datos introducidos en la solicitud de actualización no son válidos."
not_email: "no es un correo electrónico"
not_email: "no es un correo electrónico"
messages:
already_in_use: ya ha sido ocupado
10 changes: 5 additions & 5 deletions test/controllers/devise_token_auth/passwords_controller_test.rb
Expand Up @@ -123,13 +123,13 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
end

describe 'password reset link failure' do
test 'respone should return 404' do
xhr :get, :edit, {
reset_password_token: 'bogus',
test 'response should return 404' do
assert_raises(ActionController::RoutingError) {
xhr :get, :edit, {
reset_password_token: "bogus",
redirect_url: @mail_redirect_url
}
}

assert_equal 404, response.status
end
end
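Review bot: The test is still named 'response should return 404', but `assert_equal 404, response.status` was removed and the body now only asserts that `ActionController::RoutingError` is raised, so nothing verifies the status code a client actually receives for a bogus `reset_password_token`. Suggest renaming the test to match what it checks, and adding a request-level test that asserts the 404 status and that the response body does not expose error details.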
